Referred from malware forum, web browsers dont start

First let me thank you all for the good work you do and thank you in advance for any assistance you can provide for me

I had a malware infection and my browsers stopped working, EXCEPT for IE in 64 bit mode. The malware forum cleared me and my browsers still don't work.

I had IE and FF installed. the IE in normal mode will sometimes 'load' - in other words sometimes i'll be able to see the actual IE window before it crashes. Sometimes when it crashes it gives me two crash windows saying 'internet explorer has encountered a problem and needs to close' and sometimes it's just one crash window.

Firefox was basically the same, except firefox has it's own bug-reporting-window that pops up. sometimes the window loads, sometimes it just goes straight to the error.

AFTER all the malware was gone my malware advisor in the malware forums said i should try google chrome, i did a fresh install of that and when i started it, it popped up a window about being unable to load settings from firefox., that window stayed around for a second or two before dying on it's own. Now when i try to load chrome it's the same as IE and FF, except there's no 'error' window telling me about the crash.

IE in 64 bit mode works as expected.

This is windows 7 64 bit.

NONE of this changes in safe mode, or running IE without any addons from the system tools menu. I haven't tried google chrome in safe mode yet.

This is my thread in the malware forum: http://forums.majorgeeks.com/showthread.php?t=239079

 

can you try the following to reset your IE to default settings?

start > run > inetcpl.cpl

go to the Advanced tab

Click Reset...

Delete personal settings

Wait for 4 checkmarks..

Restart IE.

Same issues?

 

thisisu, thanks for your help

i tried the procedure you outlined, no change. IE popped up for an instant and then crashed.

 

For testing purposes, can you uninstall Ad-Aware and Webroot antivirus

 

If that doesn't work, try repairing IE8 using this tool:

http://www.softpedia.com/progDownload/Complete-Internet-Repair-Download-177362.html

It's free, you're going to want to click the

Softpedia Secure Download (US) [ZIP]

link

 

ok, removed both adaware and webroot, that didn't change anything. ran the internet explorer repair tool with all the checkboxes checked, that didn't change anything either

 

K..

lets download and install IE9
source: http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-9/worldwide-languages

If this works, and for whatever reason you don't like IE9, we can revert back to IE8 and see if it starts functioning again.

 

that was one of the first things i did when i found out browsers didn't work, before i first posted in the malware forum.. IE8 had the same problem, i've had IE9 with the same problem since before posting

 

alrighty, let's try this..

Start > run > eventvwr.msc
.Windows Logs
..Application
...Save All Events As...

Save to desktop, or some place you can find afterwards, and save as Text (tab delimited) (*.txt) file by clicking the dropdown menu near "Save as type"

Upload that .txt file here as an attachment

 

here you go. I had to zip it because the forum said it was too big. thanks again for all your help

 

Thank you,

try the following now:

Start > run > cmd
command prompt window opens
type in: sfc /scannow

Let me know if it asks you for your Windows 7 Home premium disc, or if it doesn't and comes up with no errors.

 

I ran the scan, it didn't ask me for a disc but it did find errors:

C:\Windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of th
em.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
C:\Windows\Logs\CBS\CBS.log

C:\Windows\system32>

i have attached the log

 

i looked up some info on the web about the sfc log file and i found this in the log:

Code:

2011-06-13 00:41:11, Info                  CSI    0000011d [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-06-13 00:41:13, Info                  CSI    0000011f [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-06-13 00:41:13, Info                  CSI    00000120 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2011-06-13 00:41:13, Info                  CSI    00000123 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted

 

I've never actually analyzed a cbs.log before, so i'm not sure what to look for, plus the log is huge

you may want to try running a full chkdsk in the meantime, it also looks for corruption on the hard drive

to do this..

open My Computer
right mouse click the C: drive
Properties
Tools tab
Error Checking
Check now...
place checkmarks in both of the boxes (automatically fix file system errors, scan for and attempt recovery of bad sectors)
Start
It will say it can't do it right now, but if you want to run it whenever you reboot your PC
Say yes
Reboot pc.

This process takes anywhere from ~45 mins to ~2.5 hours, kind of depends on how much HD space you're using.

I'll try to learn what i can about the cbs.log tomorrow. thanks for posting that

 

yeah i just found a website that said to ctrl+f for 'cannot repair'

chkdsk is still running, it has found one error so far:

Windows replaced bad clusters in file 93510 of name \pagefile.sys

it finished checking files and now is checking free space, so i'm guessing that's the only file it found problems with

i'll report back when it's actually done

 

alright chkdsk is done, i don't know if there's a log anywhere but that was the only error i saw. after it finished booting into windows, still no change to the web browsers

 

Have you tried to repair your winsock?

Source: http://www.sevenforums.com/browsers-mail/131864-no-32-bit-browser-works-but-ie8-64bit-does.html

 

thanks plodr for the suggestion.. no change though after winsock reset

 

Do you happen to have a USB key handy.
I'm wondering if a portable version of FF would start. If it did then you could try a complete uninstall of FF and fresh install on your computer to see if that would get FF working.

You would download the FFportableapp.exe and then run it. Select the USB drive as the location for install.
Then open the USB in explorer (on the troublesome machine) and double click the Firefox.exe. See if it can start FF.

 

k, from your cbs.log

Code:

2011-06-11 14:23:26, Error                 CBS    Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]
2011-06-11 16:05:14, Error                 CBS    Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]
2011-06-11 16:17:38, Error                 CBS    Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]
2011-06-11 22:14:53, Error                 CBS    Failed to shred identity: Microsoft-Windows-InternetExplorer-LanguagePack [HRESULT = 0x80070057 - E_INVALIDARG]

I looked up this result and came across this thread: http://social.msdn.microsoft.com/Forums/en-US/csharpide/thread/352c58ec-65d8-4d77-ac7b-d2338c621ef3/

Easiest thing imo would be to first delete your IE cache using something like CCleaner Slim

If that doesn't work, try uninstalling and reinstalling .net framework.

There is a removal tool for it too, click here for download

 

thisisu: I tried clearing out that temp directory but it doesn't exist on the system. I also ran the .net uninstall tool but neither changed anything. After that I rebooted and windows said my drive had errors, chkdsk ran again and fixed another few bad sectors. This made me think my hard drive is going bad, and I have confirmed this with the automatic dell diagnostics. it's full of problems. I am going to replace the hard drive and go from there. I don't imagine the browser problem will still be there when i'm done, but i'm knocking on wood just in case.

thank you very much for your help, this goes to everyone else who made suggestions too.